This repository has been archived by the owner on Aug 6, 2023. It is now read-only.
Some arithmetic overflow bugs found by afl.rs #446
Just come across the second of these in 'normal', non-fuzzing usage trying to find the intersection of two rectangles that don't intersect. I'm happy to submit a PR for this but unsure of preferred approach. Could either use
I haven't worked on the project in a bit, but as a point of reference, when we hit a similar problem a long while ago we used saturating adds and subtracts #283
I've been using afl.rs to fuzz this crate, and I've found that several APIs may panic due to arithmetic overflow.
There are four APIs that we found may panic. We just downloaded tui.rs from this repository and added it as a dependency to our fuzzing target. The code to replay these panics is
We also put this code at first, second, third, fourth.
The bug report is
I hope you can check if these are real bugs that need to be fixed. Thanks a lot.
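The disjoint-rectangle case and the saturating-arithmetic approach mentioned in the comments, as an added example that is not code from this crate or from the reporters. The `Rect` type, its `u16` fields and both function names are assumptions made for illustration, and the inputs are constructed.

```rust
// Hypothetical rectangle with u16 coordinates; not the crate's own type.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Rect { pub x: u16, pub y: u16, pub width: u16, pub height: u16 }

impl Rect {
    // Far edges, clamped to u16::MAX instead of overflowing.
    fn right(self) -> u16 { self.x.saturating_add(self.width) }
    fn bottom(self) -> u16 { self.y.saturating_add(self.height) }

    /// Same arithmetic as a plain `+`/`-` version, written with checked ops:
    /// returns None exactly where plain operators would panic in a debug
    /// build (and silently wrap in a release build).
    pub fn intersection_checked(self, o: Rect) -> Option<Rect> {
        let x1 = self.x.max(o.x);
        let y1 = self.y.max(o.y);
        let x2 = self.x.checked_add(self.width)?.min(o.x.checked_add(o.width)?);
        let y2 = self.y.checked_add(self.height)?.min(o.y.checked_add(o.height)?);
        Some(Rect { x: x1, y: y1, width: x2.checked_sub(x1)?, height: y2.checked_sub(y1)? })
    }

    /// Saturating variant: never panics; a disjoint pair yields a rectangle
    /// with zero width and/or height, which the caller must treat as empty.
    pub fn intersection_saturating(self, o: Rect) -> Rect {
        let x1 = self.x.max(o.x);
        let y1 = self.y.max(o.y);
        let x2 = self.right().min(o.right());
        let y2 = self.bottom().min(o.bottom());
        Rect { x: x1, y: y1, width: x2.saturating_sub(x1), height: y2.saturating_sub(y1) }
    }
}

// Constructed inputs: an ordinary rectangle, one disjoint from it, one that
// overlaps it, and one whose x + width exceeds u16::MAX.
pub const A: Rect = Rect { x: 0, y: 0, width: 10, height: 10 };
pub const DISJOINT: Rect = Rect { x: 20, y: 20, width: 5, height: 5 };
pub const OVERLAP: Rect = Rect { x: 5, y: 5, width: 10, height: 10 };
pub const EDGE: Rect = Rect { x: u16::MAX - 2, y: 0, width: 10, height: 10 };

fn main() {
    for other in [OVERLAP, DISJOINT, EDGE] {
        println!("{:?}\n  checked:    {:?}\n  saturating: {:?}",
                 other, A.intersection_checked(other), A.intersection_saturating(other));
    }
}
```

Saturating keeps the call from panicking but also hides the condition, so a caller that needs to distinguish "no overlap" from a real result should check for a zero-area rectangle or use the checked form.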